A C++/Asm template for PIC/EXE/DLL malware
☆24Aug 12, 2025Updated 10 months ago
Alternatives and similar repositories for Imperium
Users that are interested in Imperium are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆45Nov 4, 2025Updated 7 months ago
- Extra cmdlets to help with quering security related information from Azure☆15Sep 16, 2024Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆84Jul 25, 2025Updated 10 months ago
- Command Augmentation support for BOFs and .NET assemblies across agents☆46May 6, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆24Feb 10, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆18Mar 4, 2023Updated 3 years ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆138Aug 31, 2025Updated 9 months ago
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- Repository to gather the .NET malware I will be developing☆18Mar 7, 2026Updated 3 months ago
- ☆59Updated this week
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- shell code example☆69Dec 12, 2025Updated 6 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 9 months ago
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- Local SYSTEM auth trigger for relaying - X☆158Jul 23, 2025Updated 10 months ago
- ☆24Sep 6, 2025Updated 9 months ago
- Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method…☆22Jun 4, 2026Updated last week
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆64Mar 17, 2025Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 3 years ago
- Malware?☆75Oct 26, 2025Updated 7 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆38Aug 31, 2025Updated 9 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Mass target enumeration☆32Apr 3, 2021Updated 5 years ago
- A Windows PE loader / manual mapper for executables (x86 and x64) with full TLS (Thread Local Storage) support.☆100Oct 27, 2025Updated 7 months ago
- A dotnet executable to get an Entra token in an authenticated runtime☆17Oct 30, 2024Updated last year
- A simple parser(library) which extracts shimcache data from windows.☆16May 20, 2019Updated 7 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Sep 15, 2023Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆107Feb 25, 2025Updated last year
- Encodes a payload within a generated mock-CSS file☆59Sep 18, 2023Updated 2 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Aug 11, 2023Updated 2 years ago
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Collection of red team techniques.☆71Apr 25, 2025Updated last year
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 10 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- ☆43Feb 18, 2025Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆47Mar 3, 2026Updated 3 months ago
- Load Dll into Kernel space☆39Aug 23, 2022Updated 3 years ago